projects / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 0f821fd 964299b)
haproxy (2.2.9-2+deb11u4) bullseye-security; urgency=high
authorSalvatore Bonaccorso <carnil@debian.org>
Sat, 11 Feb 2023 10:40:49 +0000 (10:40 +0000)
committerSalvatore Bonaccorso <carnil@debian.org>
Sat, 11 Feb 2023 10:40:49 +0000 (10:40 +0000)
commitb28ad220fee83a1c4af7b3ef990c7a58baab79c5
tree9434b80483d298730278b66e88814562ade534ectree | snapshot
parent0f821fd55571e5b9183d1104c9fd0800957353c3commit | diff
parent964299ba279d4383488b975c648624a5ce8f4501commit | diff
haproxy (2.2.9-2+deb11u4) bullseye-security; urgency=high

  * Non-maintainer upload by the Security Team.
  * BUG/MEDIUM: mux-h2: Refuse interim responses with end-stream flag set
    (CVE-2023-0056)
  * BUG/CRITICAL: http: properly reject empty http header field names
    (CVE-2023-25725)

[dgit import unpatched haproxy 2.2.9-2+deb11u4]
81 files changed:
debian/NEWS | | blob
debian/changelog | | blob
debian/clean | | blob
debian/control | | blob
debian/copyright | | blob
debian/dconv/LICENSE | | blob
debian/dconv/NOTICE | | blob
debian/dconv/README.md | | blob
debian/dconv/css/check.png | | blob
debian/dconv/css/cross.png | | blob
debian/dconv/css/page.css | | blob
debian/dconv/haproxy-dconv.py | | blob
debian/dconv/img/logo-med.png | | blob
debian/dconv/js/typeahead.bundle.js | | blob
debian/dconv/parser/__init__.py | | blob
debian/dconv/parser/arguments.py | | blob
debian/dconv/parser/example.py | | blob
debian/dconv/parser/keyword.py | | blob
debian/dconv/parser/seealso.py | | blob
debian/dconv/parser/table.py | | blob
debian/dconv/parser/underline.py | | blob
debian/dconv/templates/parser/arguments.tpl | | blob
debian/dconv/templates/parser/example.tpl | | blob
debian/dconv/templates/parser/example/comment.tpl | | blob
debian/dconv/templates/parser/seealso.tpl | | blob
debian/dconv/templates/parser/table.tpl | | blob
debian/dconv/templates/parser/table/header.tpl | | blob
debian/dconv/templates/parser/table/row.tpl | | blob
debian/dconv/templates/parser/underline.tpl | | blob
debian/dconv/templates/summary.html | | blob
debian/dconv/templates/template.html | | blob
debian/dconv/tools/generate-docs.sh | | blob
debian/gbp.conf | | blob
debian/halog.1 | | blob
debian/haproxy-doc.doc-base.haproxy | | blob
debian/haproxy-doc.doc-base.haproxy-lua | | blob
debian/haproxy-doc.docs | | blob
debian/haproxy-doc.install | | blob
debian/haproxy-doc.links | | blob
debian/haproxy-doc.maintscript | | blob
debian/haproxy.README.Debian | | blob
debian/haproxy.cfg | | blob
debian/haproxy.default | | blob
debian/haproxy.dirs | | blob
debian/haproxy.docs | | blob
debian/haproxy.examples | | blob
debian/haproxy.init | | blob
debian/haproxy.install | | blob
debian/haproxy.maintscript | | blob
debian/haproxy.manpages | | blob
debian/haproxy.postinst | | blob
debian/haproxy.postrm | | blob
debian/haproxy.tmpfile | | blob
debian/haproxy.vim | | blob
debian/logrotate.conf | | blob
debian/patches/0001-2.0-2.3-BUG-MAJOR-htx-fix-missing-header-name-length-check-i.patch | | blob
debian/patches/0001-BUG-MAJOR-http-htx-prevent-unbounded-loop-in-http_ma.patch | | blob
debian/patches/0001-BUG-MEDIUM-h2-match-absolute-path-not-path-absolute-.patch | | blob
debian/patches/0001-BUG-MEDIUM-mux-h2-Refuse-interim-responses-with-end-.patch | | blob
debian/patches/0001-BUG-MINOR-tcpcheck-Update-.health-threshold-of-agent.patch | | blob
debian/patches/0002-Use-dpkg-buildflags-to-build-halog.patch | | blob
debian/patches/2.0-2.5-BUG-CRITICAL-http-properly-reject-empty-http-header-.patch | | blob
debian/patches/2.2-0001-MINOR-http-add-a-new-function-http_validate_scheme-t.patch | | blob
debian/patches/2.2-0002-BUG-MAJOR-h2-verify-early-that-non-http-https-scheme.patch | | blob
debian/patches/2.2-0003-BUG-MAJOR-h2-verify-that-path-starts-with-a-before-c.patch | | blob
debian/patches/2.2-0004-BUG-MAJOR-h2-enforce-checks-on-the-method-syntax-bef.patch | | blob
debian/patches/2.2-0005-BUG-MEDIUM-h2-give-authority-precedence-over-Host.patch | | blob
debian/patches/debianize-dconv.patch | | blob
debian/patches/haproxy.service-add-documentation.patch | | blob
debian/patches/haproxy.service-start-after-syslog.patch | | blob
debian/patches/series | | blob
debian/rsyslog.conf | | blob
debian/rules | | blob
debian/source/format | | blob
debian/source/include-binaries | | blob
debian/tests/cli | | blob
debian/tests/control | | blob
debian/tests/proxy-localhost | | blob
debian/vim-haproxy.install | | blob
debian/vim-haproxy.yaml | | blob
debian/watch | | blob
Unnamed repository; edit this file 'description' to name the repository.